Data Engineer for IT Security (f/m/d)

Your area of work:

In your new position, you will become a member of the Cyber Defense team, part of Group Security in Prague. Cyber Defense team is responsible for all aspects of Security Information and Event Management (SIEM), Computer Emergency Response (CERT), and Security Operations Center (SOC). In order to fully protect the information assets of DBG, Cyber Defense is aiming to achieve a proactive detection of threats and improve monitoring of DBG information assets to protect them from cyber-attacks effectively, dealing with implementation and maintenance a state-of-the-art SIEM/SOC tooling, architecture and use cases content in order to support establishing Cyber Defense as a center of excellence for threat intelligence.

In the advertised position, you will be focused on the analyzing and modelling security-related data, programming algorithms within the SIEM platform related activities with focus on the IS domains Security Incident Management, Alert & Log monitoring, Cyberthreat & Vulnerability management. Beside that you will support various Information Security related projects ensuring robustness and the state-of-the-art solutions following the regulatory requirements and the best industry practices.

Your responsibilities: 

• Develop and maintain state-of-the-art data models and algorithms based on threat scenarios and methodologies to achieve full visibility of potential threats to DBG arising from social media and internet
• Design, develop and maintain SIEM related use cases across a complex technology stack of DBG, required to timely detect and mitigate attacks and malicious activities using Splunk ES and other security platforms
• Optimize technology stack used in Cyber Defense to proactively detect threats through usage of threat intelligence and threat hunting techniques
• Support automation of SIEM workflows using Splunk ant other technologies
• Work with subject matter experts across the Group to transform the maturity of the SIEM/SOC to an industry-leading organization
• Support research projects, e.g., exploring of new cyber scenarios in emerging technologies like containers, cloud, etc.

Your profile:

• University or comparable degree in Computer Science, Information Security, Engineering, or related discipline
• 3+ years of experience in a Splunk (or similar) platform environment, implementing use-cases and data models
• Solid technical background and practical knowledge in machine learning, databases, Python and other PLs, ETL & security engineering
• Good knowledge and understanding of Cyber Security technologies, processes, and methodologies (e.g., SIEM, SOAR, IDS/IPS, threat analysis, incident response, forensics analysis, Kill Chain, MITRE ATT&CK)
• Excellent analytical skills, creativity, critical thinking, ability to identify problems and propose solutions
• Proficiency in written and spoken English; French and/or German is an asset